
IARPA makes awards in 4-year effort studying hacker psychology

The National Intelligence Director’s research arm has kicked off a project to study the psychology of cyberattackers, aiming to weaponize hackers’ intellectual biases and thwart hostile intrusion attempts, the office announced last week.

The Intelligence Advanced Research Projects Activity endeavor — titled Reimagining Security with Cyberpsychology-Informed Network Defenses, or ReSCIND — would “leverage attackers’ human limitations, such as innate decision-making biases and cognitive vulnerabilities, to disrupt their attacks,” ODNI said.

“By combining traditional cybersecurity practices with the emerging field of cyberpsychology, IARPA is set to engineer a first-of-its-kind cyber technology that makes an attacker’s job that much harder,” the project announcement added.

Psychology researchers have previously examined how cybercriminals use cognitive biases through strategies like socially engineered cyberattacks and disinformation campaigns. Research has also been conducted on hackers’ psychology, focusing on the motivations and curiosities that lead them to carry out their work. The new frontier would focus on cybersecurity measures that exploit the biases of the attackers themselves.

The program, expected to run for four years, awarded research contracts to Charles River Analytics, GrammaTech, Peraton Labs, Raytheon and SRI International. IARPA in 2022 released a request for information on cyberpsychology, pointing out that while there are theories about cognitive effects that influence cyberattackers, only a handful of these have been confirmed in the context of cybersecurity.

“Recent experiments demonstrating the power of framing effects were investigated, indicating that attackers who were provided information that deceptive technology was present on a network had less forward progress,” the request said at the time. “Additional work has examined the effect factors like uncertainty have when interacting with other cognitive effects.”

“ReSCIND will enable the Intelligence Community’s cyber defenders to penalize attackers with the costs of wasted time and effort, which will delay, and potentially thwart, attacks and more rapidly expose the identities behind them,” program manager Kimberly Ferguson-Walter said.

source: NextGov